Commit Graph

16 Commits

Author SHA1 Message Date
Atomic Red Team doc generator 5ede8f21e4 Generated docs from job=generate-docs branch=master [ci skip] 2025-02-13 22:03:40 +00:00
Atomic Red Team doc generator f64434da24 Generated docs from job=generate-docs branch=master [ci skip] 2024-04-27 17:50:49 +00:00
Atomic Red Team doc generator 26398fb9c6 Generated docs from job=generate-docs branch=master [ci skip] 2023-06-26 20:31:24 +00:00
Atomic Red Team GUID generator 47894bd586 Generate GUIDs from job=generate-docs branch=master [skip ci] 2023-06-26 20:31:07 +00:00
Kevin Stapleton 604f016a2c Added Linux Tests to T1069.002, T1087.002, T1136.002 (#2468)
* adding linux client test to T1069.002 AD tests

* changed prereq for packages

* temp removing prereq

* adding first prereq

* prereq fails

* trying elevated permissions

* alright, no prereq

* Revert "temp removing prereq"

This reverts commit 3bc8ef5fb22dc09fa1ca2ad5282cbdbaf55280de.

* should work now

* removing prereq entirely

* correct dependency_executor

* adding prereq check for all packages

* adding input arg for password

* changing command to autoinclude password

* back to original command, starting work on 1078

* back to original command, starting work on 1078

* putting echo on command for runner to see arguments supplied

* continuing work on 1078

* first attempt at T1078.002

* removed extraneous code

* temp remove cleanup

* removed flag on echo

* updated first command

* updating input variable ref

* removing flag again

* updating ou

* attempting to change ou to cn

* new uid

* explicitly defining dc

* more attempts

* changed uid

* removed first uid

* trying without num

* changing cn back to ou

* change case

* fixed dc

* removing second dc ref

* following IBM guide

* removed extraneous space

* space between userpassword

* reintroducing dc

* added echo

* trying something new

* updated echo

* adding back admin user input

* attempting default

* trying add to previous group

* revert back to just admin user

* missed #

* adding back -x

* making ou and cn match

* attempting to match search style

* removing space

* improved formatting

* simplified

* replacing authentication

* -D object

* reintroduced admin user

* fixed top level domain

* return to old

* holding breath

* setting user to just person type

* removing uid from front

* changing dc

* trying to update cn

* update cn

* changing to object form... again

* chat gpt wrote this

* added cleanup

* updating command

* removed space

* added space

* revert from object

* looking into issues with cleanup command being unable to find user (yet it already exists)

* changed ldapdelete to ldapmodify

* updating temporary user name

* fixing typo in cleanup command

* creating new yaml file for T1136, similar to T1078. Future plans to modify T1078.002 to either run a process or elevate a user

* first attempt at creating domain admin

* changing CN to Domain Admins

* improved formatting (getting error 32)

* changing ldif file echo

* ldapadd to ldapmodify

* adding domain admins domain if it doesn't exist

* redo formatting

* removing create domain admin group

* trying ldapadd again

* updating prereq commands, removing admin requirement from ldapsearchs

* adding linux client test to T1069.002 AD tests

* changed prereq for packages

* temp removing prereq

* adding first prereq

* prereq fails

* trying elevated permissions

* alright, no prereq

* Revert "temp removing prereq"

This reverts commit 3bc8ef5fb22dc09fa1ca2ad5282cbdbaf55280de.

* should work now

* removing prereq entirely

* correct dependency_executor

* adding prereq check for all packages

* adding input arg for password

* changing command to autoinclude password

* back to original command, starting work on 1078

* back to original command, starting work on 1078

* putting echo on command for runner to see arguments supplied

* continuing work on 1078

* first attempt at T1078.002

* removed extraneous code

* temp remove cleanup

* removed flag on echo

* updated first command

* updating input variable ref

* removing flag again

* updating ou

* attempting to change ou to cn

* new uid

* explicitly defining dc

* more attempts

* changed uid

* removed first uid

* trying without num

* changing cn back to ou

* change case

* fixed dc

* removing second dc ref

* following IBM guide

* removed extraneous space

* space between userpassword

* reintroducing dc

* added echo

* trying something new

* updated echo

* adding back admin user input

* attempting default

* trying add to previous group

* revert back to just admin user

* missed #

* adding back -x

* making ou and cn match

* attempting to match search style

* removing space

* improved formatting

* simplified

* replacing authentication

* -D object

* reintroduced admin user

* fixed top level domain

* return to old

* holding breath

* setting user to just person type

* removing uid from front

* changing dc

* trying to update cn

* update cn

* changing to object form... again

* chat gpt wrote this

* added cleanup

* updating command

* removed space

* added space

* revert from object

* looking into issues with cleanup command being unable to find user (yet it already exists)

* changed ldapdelete to ldapmodify

* updating temporary user name

* fixing typo in cleanup command

* creating new yaml file for T1136, similar to T1078. Future plans to modify T1078.002 to either run a process or elevate a user

* first attempt at creating domain admin

* changing CN to Domain Admins

* improved formatting (getting error 32)

* changing ldif file echo

* ldapadd to ldapmodify

* adding domain admins domain if it doesn't exist

* redo formatting

* removing create domain admin group

* trying ldapadd again

* updating prereq commands, removing admin requirement from ldapsearchs

* small changes to search parameters

* changed Domains search to search for Domain Users

* added objectClass=group flag

* separating flag from string

* removing T1078, to be done in future

* added {cleartext} to admin password

* restoring deleted file. My antivirus really hates this file...

* update for spec

* update to spec

* adding name to atomic test

* moved from deprecated -h -p flags to -H flag

* fix cleanup commands with same flag changes

* add ldap://

* removing unused input variable, domain controller

* final commit, all tests passed with -H, updating the desc of T1136.002/4

---------

Co-authored-by: Hare Sudhan <code@0x6c.dev>
2023-06-26 16:30:28 -04:00
Atomic Red Team doc generator 16594d72c5 Generated docs from job=generate-docs branch=master [ci skip] 2023-02-13 23:11:19 +00:00
Josh Rickard a5dd0813cd fix: Updating atomics YAML file structure to align with the new JSON schema definition (#2323)
* fix: Updating atomics YAML file structure to align with the new JSON schema definition.

This also fixes some white space issues and general line formatting across all impacted atomics.

* fix: One additional change needed

---------

Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2023-02-13 16:10:37 -07:00
Atomic Red Team doc generator d0dad62dbc Generated docs from job=generate-docs branch=master [ci skip] 2022-09-23 22:57:18 +00:00
CircleCI Atomic Red Team doc generator d50e69b5c8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-07-09 15:35:13 +00:00
Carrie Roberts 79e706f2df fix cleanup cmd as per issue #1543 (#1548) 2021-07-09 09:34:32 -06:00
CircleCI Atomic Red Team doc generator 36d49de4c8 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 17:04:33 +00:00
CircleCI Atomic Red Team doc generator 575b36a8e6 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-06-24 15:16:54 +00:00
CircleCI Atomic Red Team doc generator 43bda07d49 Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-02-11 17:19:00 +00:00
CircleCI Atomic Red Team GUID generator 17639d4d95 Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci] 2021-02-11 17:18:52 +00:00
Jonhnathan 57b1728731 Update T1136.002.yaml (#1384)
* Update T1136.002.yaml

* Adds default values, remove guid

* remove auto_generated_guid line

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
2021-02-11 10:18:38 -07:00
Keith McCammon e1181e7384 Merge OSCD branch into master (#1273)
* Tests added

* standardize display name

* Add tests for T1134.001 Access Token Impersonation/Theft (#1236)

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* Changing to device manufacturer based test

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* Add test for T1006 Direct Volume Access (#1254)

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* [OSCD] T1036.004: Masquerade Task or Service - 2 tests (#1253)

* T1036.004 - 2 tests added

* Update T1036.004.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* T1136.002 - 2 tests added (#1252)

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* [OSCD] Create atomic test for T1113 for Windows (#1251)

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* update T1564.002

* update T1564.002

* add Gatekeeper disable; add cleanup for security tools disable; add another launchagent for carbon black defense; remove Gatekeeper disable command from Gatekeeper bypass technique

* Added T1562.006 tests to emulate indicator blocking by modifying configuration files

* Removed prereq and fixed command endings

* Indirect command execution - conhost (#1265)

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* [OSCD] Office persistence: Office test (#1266)

* Office persistence: Office test

* Added technique details

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* Remove index files to avoid CI complaints.

* Grr

* Generate docs from job=validate_atomics_generate_docs branch=oscd

* Generate docs from job=validate_atomics_generate_docs branch=oscd

Co-authored-by: haresudhan <code@0x6c.dev>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Co-authored-by: gregclermont <580609+gregclermont@users.noreply.github.com>
Co-authored-by: CircleCI Atomic Red Team doc generator <email>
Co-authored-by: Carl <57147304+rc-grey@users.noreply.github.com>
Co-authored-by: mrblacyk <kweinzettl@gmail.com>
Co-authored-by: sn0w0tter <42819997+sn0w0tter@users.noreply.github.com>
Co-authored-by: Yugoslavskiy Daniil <yugoslavskiy@gmail.com>
Co-authored-by: aw350m3 <aw350m3@yandex.com>
Co-authored-by: omkargudhate22 <36105402+omkar72@users.noreply.github.com>
2020-10-29 22:54:55 -06:00